<?php
include('common/constants.php');
include('common/db.php');

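// $_POST is a superglobal and is always set, so isset() could never detect an
// empty request. Test for emptiness instead, and stop so that no SQL is built
// from a request that carries no fields.
if (empty($_POST)) {
	echo "Nothing to save.";
	exit;
}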

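// Normalise every POST field in place before it is interpolated into the SQL
// statements further down.
//
// - htmlspecialchars() is kept so stored values stay HTML-encoded as before;
//   pages that print these columns may rely on that encoding.
// - mysql_real_escape_string() replaces addslashes(): addslashes() ignores the
//   connection character set and is not a reliable SQL escape. It uses the
//   most recently opened link, presumably the one from common/db.php (confirm).
// - Escaping only protects values placed inside quotes. Anything used in a
//   numeric position (ids, LIMIT counts) must additionally be cast to int.
//
// NOTE(review): the durable fix is prepared statements (mysqli or PDO); that
// needs the connection code in common/db.php, which is not part of this file.
foreach ($_POST as $key => $value) {
	if (!is_scalar($value)) {
		// Array-valued fields (e.g. "name[]=x") previously produced a warning and
		// ended up as an empty string; keep that result without the warning.
		$_POST[$key] = '';
		continue;
	}
	$_POST[$key] = mysql_real_escape_string(htmlspecialchars((string) $value));
}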


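// Dispatcher for the three advert actions posted to this script:
// "update", "complete" and "delete".
//
// NOTE(review): nothing visible in this file checks that the requester is
// logged in, owns the advert, or sent an anti-CSRF token. Unless one of the
// included common/ files enforces that, any client can modify or delete any
// advert by id -- confirm and add an ownership check on advert_id.
$action = isset($_POST['action_type']) ? $_POST['action_type'] : '';

// advert_id is used unquoted in the seat INSERT below, so it is handled as an
// integer. Casting once here keeps request text out of every numeric position,
// where quote-escaping gives no protection.
$advertId = isset($_POST['advertisement_id']) ? (int) $_POST['advertisement_id'] : 0;

if ($action === "update") {

	// Reservation lookup: an advert that already has requests must not change.
	$result = ($advertId > 0)
		? mysql_query("SELECT * FROM reservation WHERE advert_id='" . $advertId . "'")
		: false;

	if ($result === false) {
		// Fail closed. Previously a failed lookup yielded a row count that compared
		// equal to 0, so the update ran even though the check never completed.
		if ($advertId > 0) {
			trigger_error(mysql_error());
		}
		echo "fail";

	} else if (mysql_num_rows($result) != 0) {
		echo "This posting already has user requests. Hence it cannot be updated.";

	} else {

		// Column => POST field. String values are expected to have been escaped
		// by the loop over $_POST earlier in this file; they are always quoted.
		$fieldMap = array(
			'email'              => 'email',
			'ref_number'         => 'ref_number',
			'advertisement_type' => 'advertisement_type',
			'origin'             => 'origin',
			'destination'        => 'destination',
			'travel_distance'    => 'travel_distance',
			'travel_time'        => 'travel_duration',
			'price'              => 'price_per_seat',
			'description'        => 'description',
			'travel_date'        => 'travel_date',
			'vehicle_type_id'    => 'vehicle_type_id',
			'route_name'         => 'route_name',
			'split_cost'         => 'split_cost',
			'take_turns'         => 'take_turns',
			'daily'              => 'daily',
			'weekly'             => 'weekly',
			'monthly'            => 'monthly',
			'sun'                => 'sun',
			'mon'                => 'mon',
			'tue'                => 'tue',
			'wed'                => 'wed',
			'thu'                => 'thu',
			'fri'                => 'fri',
			'sat'                => 'sat',
			'travel_route'       => 'route_string',
		);

		$assignments = array();
		foreach ($fieldMap as $column => $postKey) {
			$value = isset($_POST[$postKey]) ? $_POST[$postKey] : '';
			$assignments[] = "`{$column}`='{$value}'";
		}

		// Times are re-formatted through date(), so only "HH:MM" reaches the query.
		foreach (array('origin_time', 'dest_time') as $timeField) {
			$rawTime = isset($_POST[$timeField]) ? $_POST[$timeField] : '';
			$assignments[] = "`{$timeField}`='" . date("H:i", strtotime($rawTime)) . "'";
		}

		$updateSql = "UPDATE `advertisement` SET " . implode(", ", $assignments)
			. " WHERE `advert_id`='" . $advertId . "'";

		if (mysql_query($updateSql)) {

			// Bring the number of seat rows in line with the requested seat count.
			$seatResult = mysql_query("SELECT * FROM `seat` WHERE advert_id='" . $advertId . "'");

			if ($seatResult === false) {
				// Without a trustworthy count, adding or removing seats would be a guess.
				trigger_error(mysql_error());
				echo "fail";
			} else {
				$currentSeats = mysql_num_rows($seatResult);

				// A missing numOfSeats means "leave seats alone" rather than "delete all".
				// NOTE(review): the value is client-supplied and has no upper bound here;
				// enforce a maximum so one request cannot insert an arbitrary number of rows.
				$requestedSeats = isset($_POST['numOfSeats'])
					? max(0, (int) $_POST['numOfSeats'])
					: $currentSeats;

				$vehicleTypeId = isset($_POST['vehicle_type_id']) ? $_POST['vehicle_type_id'] : '';

				if ($requestedSeats > $currentSeats) {
					$seatSql = " INSERT INTO `seat`(`vehicle_type_id`, `advert_id`, `seat_status`) "
						. " VALUES('{$vehicleTypeId}', {$advertId}, 'open'); ";
					for ($i = $currentSeats; $i < $requestedSeats; $i++) {
						mysql_query($seatSql);
					}
				} else if ($requestedSeats < $currentSeats) {
					// LIMIT takes an integer literal; both operands are ints at this point.
					$surplus = $currentSeats - $requestedSeats;
					mysql_query("DELETE FROM `seat` WHERE `advert_id`='" . $advertId . "' LIMIT " . $surplus);
				}

				echo "success";
			}
		} else {
			echo "fail";
		}
	}

} else if ($action === "complete") {

	$completed = ($advertId > 0)
		&& mysql_query("UPDATE `advertisement` SET `status`='completed' WHERE `advert_id`='" . $advertId . "'");

	if ($completed) {
		echo "success";
	} else {
		echo "Mark completion failed.";
	}

} else if ($action === "delete") {

	$deleted = ($advertId > 0)
		&& mysql_query("DELETE FROM `advertisement` WHERE `advert_id`='" . $advertId . "'");

	if ($deleted) {
		// Remove dependent rows only once the advert itself is gone; previously
		// they were deleted even when the advert delete had failed.
		foreach (array('reservation', 'seat', 'seat_like') as $table) {
			if (!mysql_query("DELETE FROM `{$table}` WHERE advert_id='" . $advertId . "'")) {
				trigger_error(mysql_error());
			}
		}
		echo "deleteSuccess";
	} else {
		echo "Deletion failed.";
	}
}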